Skip to content

Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload

Notifications You must be signed in to change notification settings

im-hanzou/WooRefer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WooRefer | CVE-2022-4047 - Return Refund and Exchange For WooCommerce

Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload (Mass PHP File Upload)


  • Using GNU Parallel. You must have parallel for run this tool.
  • If you found error like "$'\r': command not found" just do "dos2unix woorefer.sh"

Install Parallel

  • Linux : apt-get install parallel -y
  • Windows : You can install WSL (windows subsystem linux) then do install like linux
    if you want use windows (no wsl), install GitBash then do this command for install parallel:
    [#] curl pi.dk/3/ > install.sh
    [#] sha1sum install.sh | grep 12345678
    [#] md5sum install.sh
    [#] sha512sum install.sh
    [#] bash install.sh

How To Use

  • Make sure you already install Parallel! Then do:
  • [#] git clone https://github.com/im-hanzou/WooRefer.git
  • [#] cd WooRefer
  • [#] For Linux or WSL: bash woorefer.sh list.txt thread
  • [#] For Gitbash: TMPDIR=/tmp bash woorefer.sh list.txt thread

Reference

Disclaimer:

  • This tool is for educational purposes only. Use it responsibly and with proper authorization. The author is not responsible for any misuse.

About

Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload

Topics

Resources

Stars

Watchers

Forks

Languages